[Solved] Visitors are bypassing comment moderation by editing comments.
I'm having and issue where certain users are posting comments that passes WordPress comment moderation rules but then they edit their comment and the edited comment is not passed back through the WordPress moderation system. Will this be fixed or is there a workaround, other than disabling editing, that I can use for now?
Okay thank you. I guess I will have to hope there is some sort of hook that I can use to moderate the comment content before it is updated.
I think I found a way for you to fix it. I'm testing it now and I will let you know.
I believe I have fixed the problem by replacing line number 590 in class.WpdiscuzCore.php with the following:
$commentarr['comment_approved'] = wp_allow_comment( $commentarr );//use the same moderation function that is used when adding a new comment
$comment = get_comment($commentId);//update the comment variable with new approved state since it is used in the following lines.
It seems to be working as expected but I don't know if I missed any potential problems that may be caused by doing this.
I'll ask the plugin developers and let you know if it may cause some problems.
Thank you. I did some more checking and I don't think there will be any issues so I really hope they can include this fix in the next update. The only thing I noticed was that if a comment gets moderated after being edited, I do not receive the normal email notification for moderated comments. I'm sure they will be able to figure out how to fix this but it's not absolutely necessary. The wp_update_comment() function is basically a database update function so any comment data being passed to it, needs to first be rechecked the same way it is checked when adding a new comment. The line of code $comment = get_comment($commentId); that I added can be eliminated if other changes are made to the saveEditedComment() function.
Thank you for the solution @amor!
We probably include the changes in the next version release.
I just wanted to add that they will need to merge the new commentarr array with the old comment data array before passing it to the wp_allow_comment function so that author name, email and other relevant fields will also be passed for moderation.